Re: IP Masquerade

Jos Vos (jos@xos.nl)
Sun, 14 Apr 1996 17:38:30 +0200 (MET DST)


Hi,

> I have 2 computers at home:
> - 1 Win95 machine (10.0.0.2)
> - 1 Linux 1.3.20 machine
> The Linux machine is sometimes connected to the Internet using SLIP. It has
> a dynamic IP. The NET-2-HOWTO gives an explanation for masquerading using a
> similar setup.
> I have compiled the kernel with IP-forwarding/IP-masquerading etc.
> I have used the command:
> ipfw a m all from 10.0.0.2/32 to 0.0.0.0/0
>
> I can ping the Linux box, but I get 'network is unreachable' when I try to
> ping other computers on the internet.
> What am I doing wrong??????

You assume masquerading works for ping (i.e., ICMP messages) too,
which is not the case. Masquerading uses the port numbers of
TCP and UDP, and will only work for these two protocols.

For all other IP packets (of which ICMP messages are the most widely
used example) the masquerading rule in the forwarding firewall just
means "accept". But, because you're using RFC1597 addresses, these
packets will never pass a router on the Internet and will always fail.

-- 
--    Jos Vos <jos@xos.nl>
--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364
--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204
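
Added example, not part of the original message and not kernel code: a simplified Python model of the behaviour described above, in which TCP and UDP packets get their source address and port rewritten while any other protocol is merely accepted and leaves with its RFC 1597 source address intact. The names Packet, Masquerader, is_rfc1597 and demo, the addresses 192.0.2.1 and 198.51.100.7, and the starting port 61000 are assumptions constructed for illustration; only 10.0.0.2 comes from the message.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional

# Address blocks reserved for private internets by RFC 1597.
RFC1597 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass(frozen=True)
class Packet:
    proto: str                    # "tcp", "udp", "icmp", ...
    src: str
    dst: str
    sport: Optional[int] = None   # only TCP and UDP carry port numbers
    dport: Optional[int] = None

def is_rfc1597(addr):
    """True if addr is a private address that Internet routers will not carry."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1597)

class Masquerader:
    """Toy model of a masquerading rule in the forwarding firewall."""
    def __init__(self, public_ip, first_port=61000):  # port is an arbitrary choice
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (proto, private src, private port) -> public port
        self.back = {}   # (proto, public port) -> (private src, private port)

    def forward(self, pkt):
        if pkt.proto not in ("tcp", "udp"):
            return pkt   # no ports to key on: the rule only means "accept"
        key = (pkt.proto, pkt.src, pkt.sport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(pkt.proto, self.next_port)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return replace(pkt, src=self.public_ip, sport=self.out[key])

    def reply(self, pkt):
        """Map a reply sent to the public address back to the inside host."""
        orig = self.back.get((pkt.proto, pkt.dport))
        return replace(pkt, dst=orig[0], dport=orig[1]) if orig else None

def demo():
    gw = Masquerader("192.0.2.1")                 # constructed public address
    tcp = gw.forward(Packet("tcp", "10.0.0.2", "198.51.100.7", 1025, 80))
    ping = gw.forward(Packet("icmp", "10.0.0.2", "198.51.100.7"))
    return {"tcp": tcp, "ping": ping, "ping_src_private": is_rfc1597(ping.src)}
```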